Security Experts:

Think Big, Start Small, Move Fast: Applying Lessons From The Mayo Clinic to Cybersecurity

I have previously written about how much the Mayo Clinic impacted my life through my experience and time there. In that article I discussed their approach to multi-disciplinary patient triaging and how looking at patients as a whole, rather than a system of discrete systems, helps them to make the right decisions. This same mindset can be applied to software and design to build great products. 

Another favorite takeaway, however, was Mayo’s Research Team’s mantra of Think Big, Start Small, Move Fast. It is a powerful concept that has enabled the Mayo Clinic to stay ahead, advancing medicine since the mid 1800s. This concept has also helped to advance the product development and cybersecurity domains.

There are books written about this, so I won’t get into the weeds of what the Mayo research teams do. However, I will explore how we have adapted this in various ways. First off, like so many “mantras”, this is not prescriptive and is not a strict recipe for success. Instead, by following the general guidance of having a larger goal in mind, distilling it down and executing iteratively, you will arrive at your destination more efficiently.

Think Big

Thinking big focuses our product development team on defining the widest possible application for a service, feature, or design pattern so we can create the opportunity for force-multiplication. This increases the possibility that we’ll build something that can be reused. A good example of this is the way we deploy software. Normalizing the approach to software containerization and deployment allows us to leverage security patching across the board, without wasting valuable security resources chasing independent code stacks.

Likewise, for our threat intelligence products, we look to collect, enrich and position supporting data in such a way that as many products and services can leverage it as possible. An example of this is utilizing security frameworks to describe intelligence in a common way that allows sharing of behavioral information, as well as tactical indicators, that can be quickly acted upon across all our products. 

Start Small

Starting small is a real challenge, because it really means starting small again and again, and doing it well takes time and energy. It’s much like Mark Twain’s comment about not having the time to write a short note, so he wrote a long one. With the big goal in mind, it takes real effort to break the problem down into workable chunks while respecting the overall goal at the same time. This process is iterative, and it is where discipline and commitment to design patterns and architecture become critical.

Trying to boil the ocean by chasing every vulnerability can be daunting for cybersecurity companies or companies deploying cyber solutions. Instead, eat the elephant one bite at a time. Prioritization becomes critical for these decisions, and a solid framework for how you make prioritization decisions is key to this. For us, we use a tool that takes parameters for a given product that we value in our decision-making, weighs them, and spits out a number that indicates how important this feature is. We then use that information as a starting point for discussion. It takes the subjectivity out of the initial prioritization and focuses the discussion on the most salient things we want to get done.

Move Fast

When you teach your teenager to drive, an important lesson is teaching them what they should be looking at. If they are focused on the road directly in front of the car, things move very quickly, and the ability to react is reduced. Looking up allows them to better anticipate things: where to brake, where a curve’s apex is, etc. Moving fast is directly connected to moving smoothly, and keeping your eyes as far down the road as possible enables that.

Our teams, whether in software development, intelligence or professional services, strive to speed up whatever we’re doing. Performance-driven metrics are one way to look at this, but you need to be careful with them. Misplaced metrics, much like looking at the road just beyond the hood, create the illusion of speed. We seek to move smoothly relative to the bigger picture and speed up as we become better at what we’re doing. The metrics we are shooting for are not myopic. If we spend an extra week delivering the first revision of a service within a product, but reduce the release time by three days in three other products, we’re gaining ground.

The iterative approach of thinking big, starting small and moving fast can keep a large medical institution at the forefront of advancements in patient care, and it can also help you navigate through the daunting task of increasing the security of your enterprise. Just make sure you take it one bite at a time and keep your eyes on the road ahead.

Keith Ibarguen is Chief Product Officer at Cofense, and has more than 25 years of technical and managerial experience, most recently serving as Chief Engineer for the Law Enforcement and Domestic Security Division at the MITRE Corporation. He has worked to develop and enable novel solutions across a number of MITRE Sponsor and internal programs throughout his career, leveraging his expertise in cyber operations and enterprise cyber security, software development, enterprise IT design and deployment. Throughout his years of service, he has led activities with the DoD, the Intelligence and Law Enforcement Communities, and has partnered with numerous not-for-profit and commercial firms.